def instance_has_resize_reverted(instance,
log_files,
alarms,
event_logs,
alarm_history,
start_datetime,
end_datetime,
action=False,
guest_hb=False):
"""
Returns true if the instance resize has been reverted
"""
success, reason = instance_is_running(instance)
if not success:
return False, reason
if not _alarms.was_instance_resize_revert_alarm(alarm_history, instance,
guest_hb):
return False, "instance resize-revert alarms were not created"
if not _event_logs.are_resize_revert_logs_created(event_logs, instance,
guest_hb):
return False, "instance resize-revert logs not created"
records = forensic.evidence_from_files(log_files, start_datetime,
end_datetime)
success, reason = forensic.analysis_instance_resize_revert_success(
instance['id'], instance['name'], records, action, guest_hb)
if not success:
return False, reason
return True, "instance resize has been reverted"
def instance_has_cold_migrate_confirmed(instance,
log_files,
alarms,
event_logs,
alarm_history,
start_datetime,
end_datetime,
action=False,
guest_hb=False):
"""
Returns true if the instance cold-migrate has been confirmed
"""
success, reason = instance_is_running(instance)
if not success:
return False, reason
if not _event_logs.are_cold_migrate_confirm_logs_created(
event_logs, instance, guest_hb):
return False, "instance cold-migrate-confirm logs not created"
records = forensic.evidence_from_files(log_files, start_datetime,
end_datetime)
success, reason = forensic.analysis_instance_cold_migrate_confirm_success(
instance['id'], instance['name'], records, action, guest_hb)
if not success:
return False, reason
return True, "instance migrate has been confirmed"
def instance_has_suspended(instance,
log_files,
alarms,
event_logs,
alarm_history,
start_datetime,
end_datetime,
action=False,
guest_hb=False):
"""
Returns true if the instance has suspended
NOTE: Nova was modified to pause instances when a suspend request is
sent, so for now, check that the instance is paused. Eventually the
suspend API should be disabled.
"""
success, reason = instance_is_paused(instance)
if not success:
return False, reason
if not _alarms.is_instance_pause_alarm(alarms, instance, guest_hb):
return False, "instance pause alarm is not raised"
if not _event_logs.are_suspend_logs_created(event_logs, instance,
guest_hb):
return False, "instance suspend logs not created"
records = forensic.evidence_from_files(log_files, start_datetime,
end_datetime)
success, reason = forensic.analysis_instance_suspend_success(
instance['id'], instance['name'], records, action, guest_hb)
if not success:
return False, reason
return True, "instance has suspended"
def instance_has_unpaused(instance,
log_files,
alarms,
event_logs,
alarm_history,
start_datetime,
end_datetime,
action=False,
guest_hb=False):
"""
Returns true if the instance has unpaused
"""
success, reason = instance_is_running(instance)
if not success:
return False, reason
if _alarms.is_instance_pause_alarm(alarms, instance, guest_hb):
return False, "instance pause alarm is raised"
if not _event_logs.are_unpause_logs_created(event_logs, instance,
guest_hb):
return False, "instance unpause logs not created"
records = forensic.evidence_from_files(log_files, start_datetime,
end_datetime)
success, reason = forensic.analysis_instance_unpause_success(
instance['id'], instance['name'], records, action, guest_hb)
if not success:
return False, reason
return True, "instance has unpaused"
def process_main():
"""
Forensic - Process Main
"""
try:
arg_parser = argparse.ArgumentParser()
arg_parser.add_argument('-c', '--config', help='configuration file')
arg_parser.add_argument('-s', '--start_date', help='start date')
arg_parser.add_argument('-e', '--end_date', help='end date')
args = arg_parser.parse_args()
if args.config:
config.load(args.config)
else:
print("No configuration given.")
sys.exit(1)
if args.start_date:
try:
start_date = datetime.datetime.strptime(
args.start_date, "%Y-%m-%d %H:%M:%S")
except ValueError:
print("Start-Date '%s' is invalid, "
"expected=<YYYY-MM-DD HH:MM:SS>" % args.start_date)
sys.exit(1)
else:
start_date = datetime.datetime.min
if args.end_date:
try:
end_date = datetime.datetime.strptime(args.start_date,
"%Y-%m-%d %H:%M:%S")
except ValueError:
print("End-Date '%s' is invalid, "
"expected=<YYYY-MM-DD HH:MM:SS>" % args.start_date)
sys.exit(1)
else:
end_date = datetime.datetime.max
forensic.forensic_initialize()
utf8_writer = codecs.getwriter('utf8')
sys.stdout = utf8_writer(sys.stdout)
def progress(percentage):
sys.stdout.write("\r Complete: {0:.0f}%".format(percentage))
sys.stdout.flush()
records = forensic.evidence_from_files(config.CONF.get('files'),
start_date, end_date, progress)
forensic.analysis_stdout(records)
except Exception as e:
print("Exception: %s" % e)
sys.exit(1)
finally:
forensic.forensic_finalize()
def instance_has_cold_migrated(instance,
log_files,
alarms,
event_logs,
alarm_history,
start_datetime,
end_datetime,
original_host,
to_host=None,
action=False,
guest_hb=False):
"""
Returns true if the instance has cold-migrated
"""
if action:
success, reason = instance_is_resized(instance)
if not success:
return False, reason
else:
success, reason = instance_is_running(instance)
if not success:
return False, reason
if original_host == instance['OS-EXT-SRV-ATTR:host']:
return False, "instance has not cold-migrated"
if to_host is not None:
if to_host != instance['OS-EXT-SRV-ATTR:host']:
return False, "instance did not cold-migrate to specified host"
if not _alarms.is_instance_cold_migrated_alarm(alarms, instance, guest_hb):
return False, "instance cold-migrated alarm was not created"
if not _alarms.was_instance_cold_migrate_alarm(alarm_history, instance,
guest_hb):
return False, "instance cold-migrate alarms were not created"
if not _event_logs.are_cold_migrate_logs_created(event_logs, instance,
guest_hb):
return False, "instance cold-migrate logs not created"
records = forensic.evidence_from_files(log_files, start_datetime,
end_datetime)
success, reason = forensic.analysis_instance_cold_migrate_success(
instance['id'], instance['name'], records, action, guest_hb)
if not success:
return False, reason
return True, "instance has migrated"
